John the Ripper 1.7.8-jumbo-7 Released
The Hacker News
Change Log :
* Support for encrypted pkzip archives has been added, testing millions of candidate passwords per second. (JimF) (This is in addition to WinZip/AES archives, support for which was added in prior -jumbo updates.)
* Support for Mac OS X 10.7 Lion salted SHA-512 hashes has been added (enabled when building against OpenSSL 0.9.8+ only), with optional OpenMP parallelization. (Solar)
* Optional OpenMP parallelization has been added for salted SHA-1 hashes used by Mac OS X 10.4 to 10.6. (Solar)
* PoC support for DES-based 10-character tripcodes has been added (does not use the bitslice DES implementation yet, hence is slow). (Solar)
* The DIGEST-MD5 authentication cracker has been revised to be usable without requiring source code customizations. (magnum)
* Highly experimental support for dynamically loaded plugins (adding new formats) has been added (currently only enabled on Linux). (David Jones)
* Added the ability for the john.conf file to ".include" other .conf files and/or individual sections (e.g., a wordlist rules section may include more rules from elsewhere). (JimF)
* John now makes an attempt to suppress duplicate rules (handy along with the ".include" feature). (JimF)
* More character encodings are now supported. The full list is: raw, utf-8, iso-8859-1, iso-8859-7, iso-8859-15, koi8-r, cp437, cp737, cp850, cp858, cp866, cp1251, cp1252, cp1253.
* Full encoding support for "single crack" mode, rules, and character classes has been implemented. (JimF/magnum)
* Full encoding support for all formats, including md5_gen. (JimF/magnum)
* Some new character classes have been added. (JimF/magnum)
* Support for user-defined character classes has been added, along with some samples in the default john.conf. (magnum)
* New rule reject flag "->N" (reject unless length N is supported by the current hash/cipher type). (magnum)
* New Boolean options in john.conf: LogCrackedPasswords, AlwaysReportUTF8, UnicodeStoreUTF8, CPstoreUTF8. (magnum)
* raw-md5-unicode has been replaced with faster 'thin' raw-md5u. (magnum)
* The generic crypt(3) module now recognizes some "subformats" (md5/sha256/sha512), solely for benchmarking. (magnum)
* Wordlist mode is now much faster when using memory buffer and running against a fast hash/cipher type. (JimF/magnum)
* Unicode DumbForce-like external mode samples have been added (Dumb16 and Dumb32). (magnum)
* Numerous bug, performance, and portability fixes (JimF/magnum/Solar)

Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.